2025-09-18 Update From: SLTechnology News&Howtos shulou
Shulou(Shulou.com)12/24 Report--
CTOnews.com, December 23 (Xinhua) -- Cybersecurity company Deep Instinct released a report on Thursday stating that hackers used WinRAR vulnerabilities to distribute the malicious LONEPAGE script in attacks on Ukrainian employees working at companies outside Ukraine.
According to the report, the hacker group UAC-0099 uses phishing messages carrying HTA, RAR and LNK file attachments to deploy LONEPAGE (a Visual Basic Script, or VBS, malware), which contacts a command and control (C2) server for keystroke logging, stealer programs and screenshot capture.
UAC-0099 used the WinRAR vulnerability tracked as CVE-2023-38831 (CVSS score: 7.8) to distribute the malicious LONEPAGE script.
In addition to HTA attachments, UAC-0099 distributes the malware in SFX and ZIP archives. The SFX file contains an LNK shortcut disguised as a DOCX file of a court subpoena, and it uses the Microsoft WordPad icon to induce the victim to open it.
Another attack sequence uses a specially constructed ZIP archive. In the samples intercepted so far, the archive is dated August 5, 2023, three days after the WinRAR maintainer released the patch for CVE-2023-38831.
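The disguise described above (an LNK shortcut presented as a DOCX document inside an archive) can be checked for before an attachment reaches a user. The following is an added example, not code from Deep Instinct's report or from the article; it handles ZIP archives only, the decoy extension list and the function names are assumptions, and the sample archive is constructed with placeholder bytes.

```python
import io
import zipfile

# File types the article names as UAC-0099 attachments or payloads.
RISKY_EXT = {"lnk", "hta", "vbs"}
# Document-looking extensions used as decoys (assumed list for this example).
DECOY_EXT = {"docx", "doc", "pdf", "rtf", "txt"}


def classify(filename):
    """Return a finding label for one archive member, or None if nothing is flagged."""
    base = filename.rsplit("/", 1)[-1]
    parts = [p.strip().lower() for p in base.split(".")]
    if len(parts) < 2 or parts[-1] not in RISKY_EXT:
        return None
    # "subpoena.docx.lnk": Explorer hides ".lnk", so the user sees "subpoena.docx".
    if len(parts) >= 3 and parts[-2] in DECOY_EXT:
        return "disguised-as-document"
    return "script-or-shortcut"


def triage_archive(data: bytes) -> list[tuple[str, str]]:
    """List (member name, finding) for every flagged file in a ZIP archive."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            label = classify(info.filename)
            if label:
                findings.append((info.filename, label))
    return findings


def build_sample() -> bytes:
    """Constructed sample: harmless placeholder bytes under realistic names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Court subpoena.docx.lnk", b"placeholder")
        zf.writestr("notes/readme.txt", b"placeholder")
        zf.writestr("update.hta", b"placeholder")
        zf.writestr("report.docx", b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for name, label in triage_archive(build_sample()):
        print(f"{label:22} {name}")
```

A mail gateway or triage job could quarantine any archive for which `triage_archive` returns a non-empty list; SFX and RAR attachments need a different parser.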